Amendments to the Claims: 



1 . (currently amended) A method of communication between a private network and 
a roaming mobile terminal, said private network including a home agent for said 
roaming mobile terminal and a gateway through which said communication passes and 
which provides security protection for said private network, the protocols of said 
communication including security association bundles each including a security 
association between said roaming mobile terminal and said gateway for inbound 
communication and another security association for outbound communication, the 
method comprising the steps of: 

in response to a handover of communication, causing an IP address (MN Co @) of 
said mobile terminal to change to a new IP address (MN New Co @), 

said roaming mobile terminal updates its inbound security association from said 
gateway so that it can receive packets sent to it with said new IP address (MN 

New Co @) as destination, 

said roaming mobile terminal sends a first signalling message with said home agent 
as destination in a secure tunnel to said gateway, 

said first signalling message indicating said new IP address (MN New Co @) in 
secure form to said home agent, 

the inbound security association of said gateway from said roaming mobile terminal 
accepts said first signalling message without checking its source address, 

said gateway forwards said first signalling message within said private network to 
said home agent, 

said home agent checks the validity of said first signalling message and, if it is valid, 
updates its address data and sends a second signalling message to said 
gateway indicating said new address (MN New Co @), and 

said gateway updates its outbound security association with said roaming mobile 
terminal in response to the new address (MN New Co @) indicated. 
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2. (previously presented) A method as claimed in claim 1, wherein communication 
between said mobile node and said gateway is in accordance with an IPsec protocol 
specification. 

3. (previously presented) A method as claimed in claim 2, wherein communication 
between said gateway and said mobile terminal is in accordance with an Encapsulating 
Security Payload protocol used in tunnel mode. 

4. (previously presented) A method as claimed in claim 1, wherein a registration 
reply for said mobile node is included in said second signalling message. 

5. (cancelled). 

6. (cancelled). 

7. (cancelled). 

8. (cancelled). 
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9. (currently amended) A system for communication between a private networl< and 
a roaming mobile terminal, said private network including a home agent for said 
roaming mobile terminal and a gateway through which said communication passes and 
which provides security protection for said private network, the protocols of said 
communication including security association bundles each including a security 
association between said roaming mobile terminal and said gateway for inbound 
communication and another security association for outbound communication, the 
system comprising: 

the roaming mobile terminal, in response to a handover of communication, causes 
an IP address (MN Co @) of said mobile terminal to change to a new IP address 
(MN New Co @), said roaming mobile terminal updates its inbound security 
association from said gateway so that it can receive packets sent to it with said 
new IP address (MN New Co @) as destination, and said roaming mobile 
terminal sends a first signalling message with said home agent as destination in 
a secure tunnel to said gateway, said first signalling message indicating said new 
IP address (MN New Co @) in secure form to said home agent, 

the gateway, with the inbound security association of said gateway from said 
roaming mobile terminal, accepts said first signalling message without checking 
its source address, and forwards said first signalling message within said private 
network to said home agent, 

the home agent checks the validity of said first signalling message and, if it is valid, 
updates its address data and sends a second signalling message to said 
gateway indicating said new address (MN New Co @), and 

the gateway updates its outbound security association with said roaming mobile 
terminal in response to the new address (MN New Co @) indicated. 
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10. (previously presented) A system as claimed in claim 9, wherein communication 
between said mobile node and said gateway is in accordance with an IPsec protocol 
specification. 

11 . (previously presented) A system as claimed in claim 10, wherein communication 
between said gateway and said mobile terminal is in accordance with an Encapsulating 
Security Payload protocol used in tunnel mode. 

12. (previously presented) A system as claimed in claim 9, wherein a registration 
reply for said mobile node is included in said second signalling message. 
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